Insider Threat Vulnerability Assessments

To effectively mitigate the threats posed by trusted insiders, you must understand your organization’s susceptibility to those threats. The CERT Insider Threat Vulnerability Assessment helps you determine how prepared you are to prevent, detect, and respond to insider threats, should they appear in your organization.

Drawing on the insider threat incident repository, we examine the problem from technical, behavioral, process, and policy perspectives and form an approach that helps you develop strategies to prevent, detect, and respond to insider threats.

By asking us to perform an assessment on your organization, you take the first step in safeguarding your critical assets, gaining a better understanding of your vulnerability to insider threats, and managing the risks associated with them. The assessment results benefit everyone involved in the vulnerability assessment process and provide a measure of your organization’s preparedness to prevent, detect, and respond to the threats posed by insiders.

Assessment Process

For the assessment, members of our insider threat center staff spend three to five days at your organization. During that time, we review documents, interview key personnel in your organization, and observe key processes and security issues. We sign a non-disclosure agreement to ensure that all collaborations remain confidential.

After the onsite visit, we provide you with a confidential report that contains the findings of the assessment to help you understand your exposure to insider threats along multiple vectors (technical, behavioral, process, and policy) and deliver a single, actionable framework to manage these issues and associated risks.

Related Areas of Work

A resilient organization meets its commitments and objectives with consistency and predictability in the face of changing risk environments and potential disruptions. The Cyber Risk and Resilience Management team has developed approaches to help your organization improve its resilience.

The CERT approach to cybersecurity workforce development builds knowledge, skills, and experience in a continuous cycle of professional development. We offer comprehensive, targeted, and cost-effective training options that can be tailored to the needs of your organization.

The Digital Intelligence and Investigation Directorate (DIID) develops technologies, capabilities, and practices that organizations can use to develop incident response capabilities and facilitate incident investigations.